You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@tomcat.apache.org by Vanessa Campos <dk...@yahoo.com> on 2006/03/18 13:20:37 UTC

SSL on Tomcat

Hi, everybody,

I want to use SSL on Tomcat. I've already set everything up and it's
working fine.
I also forced all the connections to be redirected to port 8443, on
global web.xml.

My question is: how can I force the redirection only when some pages
are hit? I tried using my app web.xml, but it didn't work.

Thanks.

Vanessa Campos
dkaths@yahoo.com
ICQ 35381281

"Efetivamente, para o homem, enquanto homem, nada tem valor a menos que ele possa executa-lo com entusiasmo" Max Weber


		
_______________________________________________________
Yahoo! Acesso Grátis - Internet rápida e grátis. Instale o discador agora!
http://br.acesso.yahoo.com

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org

Re: SSL on Tomcat

Posted by Dhaval Patel <dh...@yahoo.com>.

One thing. You forced all connections to be redirected to port 8443 on global web.xml. So as per
my thought, it should reflect everything no matter if your web.xml has security-constraint or not.
I would not do it unless if it is necessary.

You can try to put security constraint like:
    <security-constraint>
        <web-resource-collection>
            <web-resource-name>Secure servlet</web-resource-name>
            <url-pattern>/*</url-pattern>
            <http-method>GET</http-method>
            <http-method>POST</http-method>
        </web-resource-collection>
        <user-data-constraint>
            <transport-guarantee>CONFIDENTIAL</transport-guarantee>
        </user-data-constraint>
    </security-constraint>

You need to put that in into individual web-app. URL-pattern is the list of things that you want
to forced to secure.

Try to remove from global web.xml and customize each web-app using above rules.


Regards,
D


--- Vanessa Campos <dk...@yahoo.com> wrote:

> Hi, everybody,
> 
> I want to use SSL on Tomcat. I've already set everything up and it's
> working fine.
> I also forced all the connections to be redirected to port 8443, on
> global web.xml.
> 
> My question is: how can I force the redirection only when some pages
> are hit? I tried using my app web.xml, but it didn't work.
> 
> Thanks.
> 
> Vanessa Campos
> dkaths@yahoo.com
> ICQ 35381281
> 
> "Efetivamente, para o homem, enquanto homem, nada tem valor a menos que ele possa executa-lo com
> entusiasmo" Max Weber
> 
> 
> 		
> _______________________________________________________
> Yahoo! Acesso Grï¿½tis - Internet rï¿½pida e grï¿½tis. Instale o discador agora!
> http://br.acesso.yahoo.com
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
> 
> 


__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org